1. Field of the Invention
The present invention provides a method of checking transmitted encrypted data for unauthorized introduction of data.
2. Description of the Related Art
It is known to protect the data to be transmitted by a transmitter to a receiver against unauthorized attack by the data being enciphered. For example, H. Sedlak, U. Golze, Ein Public-Key-Code Kryptographie-Prozessor (A Public-Key-Code Cryptography Processor), Informationstechnik it, 28th year, Issue 3/1986, pages 157, 158 gives an introductory description of the possibilities of safeguarding data to be transmitted by a transmitter to a receiver. In this case, both the transmitter and the receiver may be a computer. The enciphering or safeguarding is intended to have the result that the authenticity of the sender and protection of the message or of the data against manipulation are achieved. For this purpose, the messages to be transmitted can be enciphered, or encrypted, for example on the basis of an asymmetric or symmetric enciphering method. Asymmetric encryption or enciphering means in this case that two different keys are used for enciphering and deciphering. It is similarly possible to use the same key both in the case of the receiver and in the case of the transmitter, a symmetric enciphering thereby being achieved. In the case of the asymmetric methods, it is possible that a key cannot be calculated from the other key without additional information. Therefore, one of the two keys may be published. This method is also known as the public-key method.
The message to be transmitted usually comprises useful data and a signature developed from the useful data.
The signature is an extract of the useful data enciphered with the sender key. With the aid of the receiver key, it can then be established whether the deciphered signature can be developed from the transmitted useful data. FIG. 1 shows this principle. At the transmitter SE, the useful data D are digitally appended with a signing key before sending. The signature S is obtained. The useful data are then transmitted together with the signature to the receiver EM. With the aid of the corresponding verification key, the receiver EM checks the integrity of the message comprising useful data and signature and the authenticity of the appended signature.
A potential attacker may tap the data traffic and spuriously reintroduce the tapped data together with the signature at the recipient's premises or at some other place in possession of the verification key. The recipient has no possible way of detecting from the signature whether the data are original or are spuriously introduced data.